SECURITY WHILE TRAVELING

I often get asked at conferences about personal security when traveling, and whether or not you should use other WiFi networks (NO!!).

So I thought it was timely to pull together a quick post as I will be going on a very long overdue vacation shortly (overseas) and I need to set up the basics for all members of the family.

The basic rules you need to always remember:

– All public/open WiFi is insecure
– What about hotel WiFi? It has a password… nope, same deal – stay away!
– Anything you send across these networks can be intercepted
– Never log into anything requiring credentials (username and password) or sensitive systems such as work resources or networks while on these networks. No internet banking!
– There is no guarantee that a WiFi network really does belong to Maccas, or the hotel etc.

I get it: you have tonnes of photos that you want to upload to Facebook while you’re drinking cocktails by the pool, and you want to check emails from time to time too. Well, you can. Just use a VPN.

I’ve blogged about the use of VPNs many times in the past, but for a refresher…

A VPN is the BEST way to prevent interception of your credentials and sensitive information. You install a piece of software which creates an encrypted network connection to another point (the VPN server), and all of your traffic runs through it. In effect, a VPN creates a tunnel between you and that other point, and all your information flows through the tunnel, which stops the bad guys from reading it or “sniffing” it.

Here is my 2 minute Visio diagram to explain it.

When you connect to “Free Public Wifi” which is being run by an attacker and you do not use a VPN, this is what happens:

– You go to log in, and you send your credentials over the WiFi network
– The attacker is running a MitM (Man-in-the-Middle) attack and is sniffing (collecting) any data that runs over that WiFi network including credentials
– The attacker harvests the data and passes the credentials on to Gmail or whatever service you are using.

But, by using a VPN, that data is encrypted and effectively runs over a tunnel, which means the attacker gets nothing.

I personally use ProtonVPN. It’s a great solution and is available here: https://protonvpn.com/. It provides the best level of protection from snooping from both attackers and other tracking services.

You now need to download the VPN config file. Log into your account on ProtonVPN. Go to Downloads and select Android as your platform, UDP as the protocol and download the file for whichever location you want (or have available).

For my connection I’m going to use a secure core connection via Australia.

Save the VPN file.

You need to get this file to your Android device. You can email it to yourself or connect your phone and upload it via USB.

Obviously, if you are traveling overseas you will need to enable roaming before you go (if you plan on taking/receiving calls). Telstra call this ‘International Day Pass’ and it will set you back between $5 and $10 per day, which is way cheaper than roaming call rates. You can access it here: https://www.telstra.com.au/international-roaming/mobiles-on-a-plan#app, or via the Telstra App.

Wrapping up

Where possible always use a WiFi network belonging to the hotel or which requires authentication rather than an open network, but ALWAYS, ALWAYS use a VPN over these networks.

Internet cafes pose the same risks; however, you usually don’t have the option to install or use a VPN, so I would suggest you avoid these entirely.

Most of all enjoy your trip and stay safe while doing so!

This post first appeared on LinkedIn, published by Dan Weis, Head of Security and Lead Penetration Tester, Kiandra IT